How know send mail ip address

There are a few ways to find the IP address of the mail server that sent an email:

1. Header Analysis: You can analyze the email headers to find the IP address of the mail server that sent the email. The IP address is usually listed in the "Received" or "X-Originating-IP" headers. You can use a tool like mailheader or header to analyze the email headers.
2. DNS Lookup: You can perform a DNS lookup on the domain name of the mail server to find its IP address. For example, if the email was sent from example.com, you can perform a DNS lookup on example.com to find its IP address.
3. Whois Lookup: You can perform a Whois lookup on the IP address to find the domain name and other information about the mail server. For example, if the IP address is 192.0.2.1, you can perform a Whois lookup on 192.0.2.1 to find the domain name associated with that IP address.
4. Mail Server Information: Some mail servers provide information about themselves in the email headers, such as the X-Mailer or X-MSMail-Priority headers. You can use these headers to find the IP address of the mail server.
5. Network Monitoring Tools: You can use network monitoring tools like tcpdump or Wireshark to capture network traffic and analyze the packets to find the IP address of the mail server.

Here are some examples of how to find the IP address of the mail server using these methods:

Method 1: Header Analysis

• Use a tool like mailheader or header to analyze the email headers:

  $ mailheader -h example.com
  Received: from mail.example.com (mail.example.com [192.0.2.1])

  In this example, the IP address of the mail server is 192.0.2.1.

Method 2: DNS Lookup

• Use a tool like dig or nslookup to perform a DNS lookup on the domain name:

  
  $ dig example.com
  ; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> example.com
  ;; global options: +cmd
  ;; Got answer:
  ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12345
  ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION: ;example.com. IN A

;; ANSWER SECTION: example.com. 3600 IN A 192.0.2.1

In this example, the IP address of the domain name is `192.0.2.1`.

**Method 3: Whois Lookup**

* Use a tool like `whois` to perform a Whois lookup on the IP address:

$ whois 192.0.2.1 NetRange: 192.0.2.0 - 192.0.2.255 CIDR: 192.0.2.0/24 NetName: EXAMPLE-NET NetHandle: NET-192-0-2-0-1 Parent: ARIN

In this example, the domain name associated with the IP address is `example.com`.

**Method 4: Mail Server Information**

* Use a tool like `mailheader` or `header` to analyze the email headers and look for information about the mail server:

$ mailheader -h example.com X-Mailer: Microsoft Outlook Express 6.00.2900.2180

In this example, the mail server is `Microsoft Outlook Express`.

**Method 5: Network Monitoring Tools**

* Use a tool like `tcpdump` or `Wireshark` to capture network traffic and analyze the packets to find the IP address of the mail server:

$ tcpdump -i eth0 -n -s 0 -c 100 -W 100 port 25

In this example, the output of the `tcpdump` command will show the IP address of the mail server that sent the email.

Note that these methods may not always work, and the IP address of the mail server may not be easily accessible. Additionally, some mail servers may use proxy servers or other techniques to hide their IP address.